September 16, 2024 at 09:36PM Microsoft has confirmed that a recently patched Internet Explorer vulnerability, CVE-2024-43461, was exploited as a zero-day before it was fixed. The flaw allowed malicious actors to hide the true file-type extension of a downloaded file, enabling the execution of malicious code. This exploit was used by the Void Banshee gang … Read more
August 19, 2024 at 03:07PM Eight vulnerabilities in Microsoft’s macOS apps pose security risks by allowing unauthorized access to sensitive data, recording video and sound, and escalating privileges. Microsoft has been reluctant to address the issues, deeming them low risk and insisting that certain applications require the ability to load unsigned libraries. Apple’s security measures … Read more
June 24, 2024 at 01:38PM Four Vietnamese nationals linked to the cybercrime group FIN9 have been indicted for causing over $71 million in losses to U.S. companies. The defendants carried out cybercrimes from May 2018 to October 2021, using phishing campaigns and supply chain attacks to steal data and funds. They face multiple charges, with … Read more